Closed benfrancis closed 1 year ago
This causes our builds to fail but seems a bit tricky to fix without making an upstream change to pi-gen.
I can see such a config parameter being useful.
Do you know the reason that
--drop=cap_setfcap
is used, and does this seem like the likely cause? Can you recommend either a fix in pi-gen or a workaround in WebThings Gateway's build system?
It's used because not all filesystems support capabilities. For example, netbooting with an NFS root, wouldn't work well.
For now, if it's an urgent release, you can just remove the --drop=cap_setfcap
option.
@XECDesign Thanks very much for your response.
For now, if it's an urgent release, you can just remove the
--drop=cap_setfcap
option.
I don't suppose you have any advice on how to achieve that?
Our build.sh calls pi-gen's build-docker.sh, which it clones from GitHub. Is there any way for us to override this command from our stage3 directory, or would I have to write a script which modifies pi-gen's scripts/common script after cloning it?
That one approach. Another one might be to clone your own fork instead.
I've put adding a better approach to my todo list and will update the issue when that's sorted.
Thanks @XECDesign, this is great!
Do you have a policy about backporting fixes to previous releases?
I could do with the SETFCAP feature on the buster branch. I tried backporting your patch to the buster branch in a new fork, but for some reason the feature didn't seem to work for me.
For now we're just manually removing the --drop=cap_setfcap
argument from the setarch
commands in a fork.
Do you have a policy about backporting fixes to previous releases?
No problem with backporting simple low risk changes like this.
I've cherry-picked the commit and it seems to work okay on this end.
The WebThings Gateway open source project provides a Raspberry Pi image, built using pi-gen's
build-docker.sh
.Part of that build process uses
setcap
insidestage3/01-install-deps/01-run-chroot.sh
to give Python and Node.js scripts access to Bluetooth hardware, which is essential for the functioning of this IoT gateway software.This used to work, but in current builds these lines appear to be failing inside chroot because pi-gen uses the
--drop=cap_setfcap
flag in itson_chroot()
function.This causes our builds to fail but seems a bit tricky to fix without making an upstream change to pi-gen.
Do you know the reason that
--drop=cap_setfcap
is used, and does this seem like the likely cause? Can you recommend either a fix in pi-gen or a workaround in WebThings Gateway's build system?This is a critical build error blocking quite an urgent bugfix release for us.
Many thanks for this very useful project!